Extra Pepperoni

To content | To menu | To search

Mac OS X

http://www.apple.com/macosx/

Entries feed - Comments feed

Friday, May 28 2010

Control arrows in Mac bash

I've been annoyed for some time that the extremely handy bash keyboard shortcuts Control-left arrow and Control-right arrow, which move by word in Linux, don't work in Mac OS X. Today I finally got aggravated enough to do some googling, and pieced together the answer.

First, bash normally defines both Control-left arrow and Esc,B as move left one word; likewise both Control-right arrow and Esc,F are defined as move right one word.

The fix is simply to tell Terminal to send Esc and then b when Control-left arrow is typed, and Esc then f for Control-right arrow. I could probably figure out what "[5D" means in Terminal's preferences and configure bash on my Macs to jump by word on that input, but this way I only have to configure 2 Macs, and it works on remote Solaris boxes as well.

Note that bash considers / to be a word delimiter, so these move through paths by directory.


Before

Terminal preferences: before

The change

Terminal preferences: changing shortcut

After

Terminal preferences: after

Tuesday, May 5 2009

Automatic Network Optimization with MarcoPolo

The Problem: Ethernet >>> AirPort

For whatever reason, my MacBook Pro doesn't get very good network performance over 802.11n AirPort. Since I routinely copy everything from half-hour MPEG videos (hundreds of megabytes) through full DVDs (several gigabytes) between it and my Linux server, I much prefer gigabit Ethernet.

It turns out Apple's AFP & SMB clients are smart enough to seamlessly migrate a network connection from one transport to another -- if you disconnect from Ethernet but AirPort remains up, Mac OS X will reconnect to the file server via AirPort. Contrawise, if Ethernet is connected when AirPort goes offline, the connection will switch back. Note that I haven't tested with Ethernet & AirPort in different subnets.

This means once I have reconnected the Ethernet cable, I have 2 ways to switch my SMB connection back: I can unmount all shares from that server and then remount, or I can bring down the AirPort connection and force the OS to migrate my connections over. I prefer not to bring down AirPort, because that breaks any other open AirPort connections, which might not reconnect (iChat reconnects; Safari downloads just fail), but I do this sometimes when a program is using the share and preventing the umount from succeeding.

For over a year, I've been using a shell alias to handle the disconnect/reconnect -- below is the final version. The grep was so I could confirm it worked -- if I see prowlere (Ethernet interface), I know I have a fast connection. If I see prowler instead, I still have a slow AirPort connection -- most likely because an open file prevented the umount.

alias remount='umount /Volumes/inspector; umount /Volumes/dvd; umount /Volumes/1tb; open smb://pepper@inspectore.rep.dom/inspector/; open /Volumes/inspector/home/pepper/tivo/; sleep 10; netstat -a | grep \.micro | grep ESTABLISHED'

The Improvement: Automation

Back in the Jaguar era, I had a script to run Plucker automatically. I had my laptop configured to run it both via cron and whenever I (dis)connected my Ethernet cable, but when the network trigger broke I just refined my crontab to compensate and forgot about it. In Leopard, launchd handles tasks like this, but it doesn't offer network triggers.

I wanted to recreate the automatic trigger on network reconnection, but wasn't sure how to do it. crankd could probably do the trick, but I don't know Python. Fortunately Jeremy Reichman pointed me to MarcoPolo, which fits the bill admirably.

I was initially confused by the fact that MarcoPolo automatically copied the system's Network 'Locations', which I don't want to change. Fortunately MarcoPolo is happy to work with its own 'Contexts', and leave the system Location untouched. I created a couple contexts, 'en0 online' and 'en0 offline', told MarcoPolo to use IP and NetworkLink as "Evidence Sources", and configured it to switch to 'en0 online' when the 'prowlere' IP comes online. On the other hand, "en0 (Ethernet) link inactive" switches to 'en0 offline'. This way if I connect to an outside network and get a different Ethernet IP, it won't try to connect to my home server. MarcoPolo can run shell scripts, so I converted my alias to a script, which runs on switching to 'en0 online':

pepper@prowler:~$ cat bin/remount 
#!/bin/sh
# remount: Reconnect to inspectore, hopefully via Ethernet rather than AirPort

umount /Volumes/inspector
umount /Volumes/dvd
umount /Volumes/1tb
open smb://pepper@inspectore.rep.dom/inspector/
sleep 10
netstat -a | grep micro | grep ESTABLISHED | awk '{print $4, $5}' | growlnotify -w

Future possibilities include launching iPhoto when I connect a camera memory card but not when I plug in the iPhone (I already had 37signals' workaround, but MarcoPolo would have been a simpler option), or switching iTunes to the upstairs speakers when I connect to the upstairs monitor (iTunes' output device is not currently scriptable, so I filed an RFE). Unfortunately, since these triggers and actions are all orthogonal to each other, I'd end up multiplying contexts to accommodate them, which is suboptimal.

David, thanks for MarcoPolo!

Monday, February 2 2009

iChat: AIM Multiple Login Conflict & Automated Login/Logout

iChat has a bug whereby it won't let me be logged into the same .Mac account on multiple Macs at one time. There's an option to allow this, but it doesn't work. Apple isn't fixing it, and I'm sick of the un-blockable AOL error chats that come up each time I switch without logging out on the other end first.

Additionally, it's confused at least one person to have me logged into iChat at work, even though I wasn't seeing chats after I left.

Fortunately in Leopard this is easy to fix. I tried in Tiger but never got it to work right -- probably because I don't really grok AppleScript. I have a script that logs me in, and one that logs me out. On my work Mac, I run them to log in shortly before I get to work, and out after I leave. At home, I log in awhile after the work system logged out, and log out before the work system logs in.

pepper@prowler:~$ crontab -l |grep ichat
0   8   *   *   1-5 /usr/bin/osascript ~/bin/ichat-logout.txt
30  18  *   *   1-5 /usr/bin/osascript ~/bin/ichat-login.txt
pepper@prowler:~$ cat bin/ichat-login.txt 
tell application "iChat"
    log in
end tell
pepper@prowler:~$ cat bin/ichat-logout.txt 
tell application "iChat"
    log out
end tell

Tuesday, May 13 2008

My favorite Mac OS X command: open

For years I've been hearing complaints about the Finder, chiefly from John Siracusa and John Gruber. They have mostly gone in one ear and out the other, because of a little secret I have.

See, back in the day of Mac OS X Public Beta (pre-1.0), the Finder was really bad. Dog slow (much worse than now), highly crash-prone, and very limited (compared to both the Mac OS 9 Finder and the Leopard Finder).

When I was still working at The Shooting Gallery, fixing Macs, learning UNIX, and trying to jettison hacked Windows servers (unsuccessfully), the Mac OS X Public Beta was a very big deal. Its Terminal application and command-line environment much more stable than the still-very-beta Finder, so, I used them as much as possible. Over the years, as I have read ongoing complaints about the Finder, I have continued to use Terminal and the command line, and been largely insulated from the Finder's failings.

I would like to mention three Apple tricks for mixing the GUI and CLI worlds -- not that there couldn't be others I don't know. One is that you can drag files into Terminal, and it will insert their paths. This is excellent, because instructions can say things like:

Now open your Applications Folder, and the Utilities folder there, and Terminal inside Utilities. Next type "chmod u+x " (make sure to leave that space at the end), and drag the file you just downloaded into the Terminal window. Then press Return.

I don't use path insertion often, though, because Tab completion is faster than switching to the Finder, digging up the file, and dragging. Ironically, when I read In the Beginning Was the Command Line, I thought it was absurd that Stephenson claimed typing could be faster than mousing. All those keys to hit! Alas, the CLIs I had used at the time did not have Tab completion, which does in fact make the keyboard faster than the mouse.

So anyway, back to the point of this post: the path from the command line back to the Mac OS X GUI: the open command. Apple has given this one simple command the ability to open files, folders, URLs (web pages, email addresses, etc.), applications (optionally passing them files), etc. This single command allows me to do 90% or more of my file system navigation in the command line (where ssh and friends live) instead of in the Finder.

We love it!

I actually use the bbedit command as frequently.

There's a third bridge between the CLI and GUI spheres: executable scripts with the .command suffix are launchable as Mac applications, but run as CLI scripts. I like putting these in the Dock, although for my own use I mostly launch scripts directly from the command line. If you find yourself in need of argument processing, check out Fred Sanchez's DropScript hack useful; it can add argument processing which is not available with the .command technique.

PS-If you want to run AppleScripts from the shell, look into the osascript command.

Thursday, February 28 2008

Mac OS X Leopard: Changes and confusion regarding network mounting

Apple put a lot of effort into making network sharing (Mac and Windows networking using the AFP & SMB/CIFS protocols) easier in Leopard. One of the things they did was introduce credential caching at the system level, so once you mount another Mac via AppleShare (for instance), you could then connect to it with Screen Sharing too, without authenticating. This is neat, but a bit problematic. I have had cases where:

  1. I had to kill NetAuthAgent (the background process that appears to hold username/password pairs on your behalf) to make mounting work
  2. I had to rearrange windows around onscreen, because a (stalled) progress window was hiding a username/password window, and never going to get anywhere without some help; other times I have dismissed the progress dialog without realizing it was waiting for a concealed window.
  3. I have had to Force Quit and relaunch the Finder before it could (re-)mount some or all network volumes.
  4. I have had to reboot the Leopard server before I could (re-)mount its volumes.
  5. I have had Leopard systems fail to share out volumes, and had to re-share them manually. Part of this appears to be a different issue, where Leopard systems don't even mount additional drives until a user logs in (obviously unmounted volumes cannot be mounted over the network). That's not right!

Tonight's problem was a bit different -- I was connecting to a Windows server running Samba, and not getting the right permissions. When I looked in the server's /var/log/samba/smbd.log (because I cannot find any way to see the account used for a network mount in in the Finder), I discovered that the share was mounted as the wrong user. I had never gotten the username/password dialog for this mount, as I had (the wrong) user credentials cached in NetAuthAgent.

The Tiger behavior is to default to the client username (the account mounting the share from the server). Leopard instead uses whichever user it has a cached credential for. I have now changed my scripts to always specify the username when mounting shares, e.g., open smb://pepper@inspectore/inspector.

Tuesday, December 18 2007

Leopard's bash auto-completion vs. symlinked directories

In Leopard, Tab completion in bash doesn't immediately append trailing slashes to symbolic links that point to directories. When I complained about this change to Apple, I was told it was user configurable, and I should just configure the old behavior. It took me a while to actually find the solution -- partially because it isn't within bash itself, and partially because it was quite a nuisance but not a serious problem.

For example, ~/www is a symlink to /Volumes/www, and I cd to directories below it quite frequently. I'm in the habit of typing "cd w[Tab]/pu[Tab]", which should expand to "cd www/public_html". This broke in Leopard -- I needed an extra Tab to get the / -- otherwise I'd end up with the ugly and non-functional "cd wwwpu". Anyway, the fix is:

echo "set mark-symlinked-directories on" >> ~/.inputrc

Now Tab completion works the way I want it to again. Thanks, stylishpants!

Saturday, December 1 2007

Yay! Leopard fixed kickstart

ARD includes a very handy script called kickstart (/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart), to configure the Remote Desktop agent, which is also what Leopard's Screen Sharing uses. This is important because Murphy says that you will always first need to connect to a recently installed machine and only then discover the ARD agent is off. With the kickstart agent, you can configure user access to Remote Desktop through an ssh connection, and turn the agent on.

Unfortunately, it never worked for me. I have tried to use kickstart on at least 4 separate occasions (always on Tiger systems), and it never did what I wanted. Tonight, I used it on a 10.5.1 system, and in about 5 minutes I had access (manually tunneled through ssh, no less). It would have been faster if the kickstart command was simple (it's somewhat involved), or if I wasn't determined to configure access controls before turning on ARD. It's easy to configure ARD access via System Preferences:Sharing, but bad practice to enable services without access control configured.

Hoo-rah!

To learn about kickstart, use sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -help. If WordPress won't let you read that whole line, try copying it into another program. Apple's Apple Remote Desktop Administrator’s Guide includes some helpful examples.

We also use an UID 0 account, which doesn't appear in System Preferences:Sharing, so I tend to create the account, set the UID, remember ARD, and curse as I discover I can no longer enable ARD access to that account without restoring the UID -- quite a nuisance. Since local accounts are now stored in .plist files, adding our UID 0 account and giving it ARD access should both be much easier now.

Saturday, November 10 2007

Time Machine: Exclude All System Files

Time Machine has a hidden feature, to "Exclude All System Files". In Leopard Server's Standard mode, Time Machine is a service, and in Server Preferences you can control whether clients back up their system files, or skip them. This is logical -- for personal backups you want everything, but if you have enough users to justify a file server, you might well not want to back up the same Leopard system files for each user.

Today's handy-dandy discovery was that Mac OS X Leopard "user" has this feature too, but there's no visible knob to turn it on. Interestingly, I cannot find such a control in Server Admin either, which could be my oversight or could simply be a bug (I've reported it, anyway).

Instead, if on the client you add /System to Time Machine's list of directories not to back up (I also skip /Developer, /sw, and my music files), Leopard pops up a handy dialog, asking if you really want to "Exclude All System Files". I chose yes, although I'd like to know exactly what (directories) are excluded by this option.

Saturday, November 3 2007

Screen Sharing replaces Apple Remote Desktop

Update 2009/01/15 If you connect to a particular machine frequently, you could put a clickable icon into the Dock.

  1. Put these two lines into a plain text file (I'll call it myserver.command). The filename must end with .command to be launchable from the Finder.
  2. Make sure it has UNIX line breaks.
  3. Make it executable (chmod +x myserver.command).
  4. If you use it a lot, drag it into the Dock for quick access.
#!/bin/sh
(sleep 4; open vnc://127.0.0.1:5901) & ssh -C -4 -L 5901:127.0.0.1:5900 myserver

That will ssh to myserver, pop back a tunnel for VNC, and point Screen Sharing to the tunnel. After you close the Screen Sharing connection and log out of the ssh session, the tunnel will be closed automatically.


Update 2008/2/3: Adam, thanks for the suggestion -- I'd forgotten about the vnc:// scheme. But who's Geoff?? I prefer aliases to functions because they're simpler, and like to leave an ssh shell open, both for my own use and as a reminder to close the tunnel when done. Here's a simpler alias -- note that you must still supply the hostname on the command line after the alias, e.g., "stss salt".

alias stss="(sleep 4; open vnc://127.0.0.1:5901) & \
ssh -C -4 -L 5901:127.0.0.1:5900"

Update 2007/12/14: I added a pbcopy command to put '127.0.0.1:5901' on the Clipboard (pasteboard), so now I can just Paste and then delete (pbcopy appends an undesired Return to the Clipboard), which makes the whole thing easier. New alias (note that this is really properly one line, but it doesn't wrap properly without help):

alias stss='echo 127.0.0.1:5901 | pbcopy; open \
/System/Library/CoreServices/Screen\ Sharing.app; \
ssh -C -4 -L 5901:127.0.0.1:5900'

I have a couple licenses for Apple Remote Desktop at work, for managing our 8+1 Mac cluster ("the orchard") and for managing other Mac servers on campus. I find ARD very useful because although Remote Desktop uses VNC as the underlying protocol, Apple's compatibility has been poor, so I had lots of trouble connecting from Chicken of the VNC and other clients. While I like ARD (particularly the automatic ssh tunneling in v3), I only use the remote control feature, never its other management capabilities.

With Mac OS X 10.5 Leopard, Apple has bundled /System/Library/CoreServices/Screen Sharing.app, which provides the VNC capabilities I use from ARD and skips the other features I don't care about. It's my favorite Leopard feature, accessible from the Finder Sidebar, iChat, Server Admin, and through Back to My Mac (which seems to have some problems with security).

The only thing I don't like about Screen Sharing is that Apple apparently built encryption into the VNC protocol in an incompatible way. Apple's encryption is of course incompatible with all the other clients & servers, since it's Apple proprietary (just like their proprietary compression encodings). It's confusing because the Preferences options look identical to the ones in ARD3, which actually uses an ssh tunnel to provide encryption. It's a firewall problem because there are lots of places we a) allow ssh, b) block unencrypted VNC, and c) would allow encrypted VNC. ARD3's ssh tunneling is usable here but Screen Sharing's port 5900 connection is blocked. Fortunately the workaround is simple -- build the ssh tunnel manually, as is normal for non-ARD3 VNC users. I have this alias:

alias stss='open /System/Library/CoreServices/Screen\ Sharing.app/; ssh -C -4 -L 5901:127.0.0.1:5900'

I use it with a hostname, as in: stss www

That makes an ssh connection to the specified host (www in this case), sets up a tunnel from 5901 on my admin workstation to 5900 on the server (since the admin workstation is likely to be running the Remote Management/Screen Sharing agent on 5900 already), and gives me a shell on www. As a convenience, it also launches Screen Sharing for me. In the Screen Sharing Connect window, I type 127.0.0.1:5901, and connect to the local end of the tunnel on port 5901; it goes through ssh and I get secure remote control via the ssh port (so it works across any firewalls that allow ssh). It's actually doubly encrypted if I'm going across the Internet, since I always leave Screen Sharing's encryption on too -- if I forget to start the tunnel or connect to a machine that's not firewalled on port 5900, I want to be sure I'm not transmitting passwords in plaintext.

Friday, November 2 2007

Mac OS X: Authentication Timers

I have been reading about Mac OS X 10.5 Leopard Server and non-Server lately, and I was surprised to realize how many different authentication & authorization systems are running each with its own timer.

  1. Access to the "console" (keyboard/video/mouse): Ends when you log out or the locking screen saver kicks in.
  2. Authentication for administrative actions in Carbon/Cocoa programs (such as modifying system directories in the Finder): 5 minutes (I believe).
  3. Apple Keychain: Doesn't lock automatically unless you configure it in Keychain Access.
  4. ssh-agent (now linked to the Apple keychain): Clears when you reboot or when the Apple keychain locks.
  5. Kerberos V (both client-server and client-client): Apparently TGTs expire after 10 hours by default.
  6. sudo: 5 minutes by default.

Wednesday, October 17 2007

Leopard Server docs are available

Apple just posted the docs for Mac OS X 10.5 "Leopard" Server -- which I've been asking for in the beta program for over a year. As one tester said, "Now we finally can find out all what we should have been able to test in the last 14 months… "

And I can begin planning the migration from 10.4.10S on a PMG4 ("wind tunnel", dual 1.25GHz, 1gb, 250gb mirrored) to 10.5S on a PMG5 ("cheese grater", dual 2GHz, 2gb, 750gb mirrored). It looks like all reppep users will have to reset their passwords, as Apple doesn't support exporting passwords, and I don't want to upgrade my standalone 10.4 to Open Directory and then upgrade that to 10.5 on the PMG5. Now that I think of it, 10.4@G4 vs. 10.5@G5 is slightly amusing.

Also, I have 1,472 bugs logged, so between the ones in ADC now that don't show up, and the ones I will report by next Friday, I am no longer concerned about reaching 1,500 by 10.5 release.

Wednesday, October 10 2007

remount

I move a lot of video files around our apartment, generally over Apple Filing Protocol. All my systems have Gigabit Ethernet, but moving around often shifts me over to much slower AirPort (802.11g) wireless networking.

Apple has a nice reconnection feature that brings connections back up if the network goes away. In my situation, this means that if I'm sitting downstairs with a gigabit connection to my server and unplug the Ethernet, Mac OS X reconnects to the server via AirPort. I then carry my laptop upstairs and plug back in, now connected to the server over the wireless network. Wirelessly, downloading video takes at least 10 times as long.

I can get around this by putting the laptop to sleep before disconnecting Ethernet, but I don't use sleep as a rule, and I have to enter my password to wake up. I have verified that if I plug in via Ethernet, briefly disable AirPort, and then re-enable, Mac OS X will automatically reconnect via Ethernet, but that's awkward (and bounces iChat connections).

Tonight I have settled on a pretty good solution -- an alias that unmounts and remounts all my server volumes; for it to work right I have to make sure I don't have any of these volumes in use, but that's not difficult. The alias is:

alias remount='umount /Volumes/115gb/; umount /Volumes/280gb/; umount \
/Volumes/g5/; umount /Volumes/www/; umount /Volumes/pepper; open \
afp://wwwe/www afp://wwwe/115gb afp://g5e/g5 afp://g5e/280gb'

Monday, September 3 2007

Eudora 8.0.0b1 Released

Eudora 8.0.0b1 has been released.

This is the open-source package of the Thunderbird engine with the Penelope plug-in to add various Eudora features onto Thunderbird. I (like many others) have tried several times to switch from Qualcomm Eudora 6 to a different mail client with better IMAP support. I have tried Thunderbird (more than once), Mail.app (more than once), and Thunderbird+Penelope, but none of them were acceptable replacements for Eudora 6. Both Thunderbird and Mail.app are heavily mouse driven, while Eudora does an excellent job (especially with function keys and the toolbar) of supporting keyboard control.

It looks decent, but I think it was a bad idea to use "Eudora.app" and the same icon as Eudora 6. Once they have a release version this might make sense, but for now I run both Eudoras, meaning I had to change the name to avoid a conflict, and I can only tell them apart when Command-tabbing because the new Eudora has no actual icon -- just a green unread-messages badge over a missing icon. So telling them apart isn't difficult right now. Perhaps they can flip the Eudora icon left-to-right, and we could remember that the pencil pointing down-left is Qualcomm and pointing down-right is Thunderbird-based.

Now I have to try it out and figure out what's missing, and file bug reports.

Toolbar customization seems incomplete -- I can't yet figure out how to remove the Print button from the toolbar, although presumably this is just my own ignorance.

Monday, August 20 2007

Delicious Library Is a Thing of Beauty

I've spent the past 90 minutes or so scanning over 100 CDs into Delicious Library. These aren't even CDs I particularly want to keep -- I'd be happy to lala them, but it's great to have such a simple way to build a catalog.

I'm wishing for better integration already. DL doesn't pick up albums or album covers from iTunes, even though obviously there's a very strong correlation between CDs I own and complete albums in iTunes. Further, it doesn't interface to lala -- they already have a list of CDs I own, and automatic updating between lala and DL as I buy, send, and receive CDs would be excellent. Likewise, building web pages from the catalog requires a third-party utility (fortunately free).

This might be helpful for my parents, who own a 300 CD changer and have a lot of trouble keeping track of what's in it -- but I haven't gotten that far yet.

DL does books, movies, music, and games. It works most easily by scanning UPC barcodes with an iSight -- I'd heard about it and thought it sounded great, but only recently gotten a computer with an iSight built in. As it turns out I could probably have used my Sony TRV25 DV video camera, but this is fine. I expect to have all our CDs and DVDs within a month; afterwards I'll start scanning books. Not sure if I'll ever use the database for anything important, but it will be excellent to have a database.

For friends like James and Matthew who have out-of-control CD collections, this could be a huge deal.

DL serves as a good illustration of the differences between physical and virtual. Holding the CD in front of the camera is annoying and slow, while sucking information down from the Internet is fast. I suspect part of this is false perception, though, as it may well be pinging Amazon with tentative bar-code scans until one is verified, meaning the Internet lookup is already halfway done, and contributing to what feels like scanning time.

I only had one bar-code that read wrong consistently, and one CD (Snapshot: Live At the Iron Horse, by Livingston Taylor) where if I put the artist in DL doesn't know what it is -- on the other hand, if I leave the artist blank, DL correctly picks up the Amazon profile -- which shows Livingston Taylor on the site. Very strange.

Tip: Scanning got much faster after I rotated my MBP slightly. It was about 2' away from the wall, and once I turned the back of it slightly towards a ceiling light, so there was better illumination on CDs in front of the iSight, scanning took less than half as long as it had been. This is mentioned in the help, but I had thought there was sufficient light because it worked. I was impressed with the difference a small rotation made -- perhaps Delicious Monster will add a low light warning in a future version.

Unfortunately, Amazon doesn't format titles the way I do, so I'll consider DL a reference, and iTunes the master.

Thursday, July 12 2007

Stupid Parallels Trick: Avoiding Auto-Start

Parallels Desktop has a nifty feature, whereby it can automatically start a VM (virtual machine) automatically run whenever the VM is opened.

It has a somewhat less useful feature whereby VMs automatically close when stopped.

Parallels has a flaw and bug that a) you cannot even view the VM configuration when it's running, and b) when you try it generates an error, but not an option to stop the VM and edit.

The workaround (from Parallels' Help) is start Parallels and hold the Command key down when opening the VM. This circumvents the auto-start feature so you can configure the VM.

A better solution would be to a) let you pause a running VM and view its configuration in read-only mode, and b) if you try to edit, then offer to stop the VM and continue.

Sunday, June 3 2007

Hardcore: Installing Mac OS X via Command Line

My old desktop (PMG5 2x2GHz) is now at home, and I am installing Mac OS X Server 10.5 "Leopard" on it. I've done it at least half a dozen times already, sometimes finding bugs and often finding that I want to redo it for one reason or another, typically having to do with rearranging our home network. This is all since the latest beta was seeded, so I haven't had to reinstall to upgrade the beta, although that will happen as well.

When you boot the Mac OS X Server DVD, in addition to showing the normal graphical installer, it additionally starts sshd and Apple's ARD (VNC) server. You can log in via ssh as root with the machine serial number (first 8 characters, although the documentation incorrectly says 'digits'). I haven't tested non-Server, but for heavy-duty workstation deployments you'd probably want to be cloning images anyway, and Apple provides different tools for that. I did a bunch of seaerching for details on the procedure, but the only thing I found is Apple's CLI admin guide.

http://images.apple.com/server/pdfs/Command_Line_v10.4_2nd_Ed.pdf

Unfortunately, Apple does not make their Server Admin Tools compatible with the previous version of the OS, so in a single-test-system scenario, we're stuck with running these nice client-server admin clients on the server. I mostly do it via ARD rather than sit in the "server room" in our basement after the initial install. Better if I can pop the DVD in, reboot, and do everything remotely. Since I'm using a third-party hacked firmware on my Linksys WRT54G which provides static DHCP, I get to skip the step of finding which IP the PMG5 acquired (Apple provides a tool for this, or an nmap ping scan would work if everything else was static) -- DHCP automatically assigns the correct IP, which is also listed in /etc/hosts. Now I am starting to work through the CLI installation process, which resembles the documented Tiger Server CLI installation process.

Unfortunately, my notes on the process have to remain private, since Leopard is under NDA.

Sunday, May 6 2007

Mac OS X Keyboard Shortcuts

Apple just updated a long list of Mac OS X keyboard shortcuts. I found several I didn't know (and will not remember).

http://docs.info.apple.com/article.html?artnum=75459

Monday, April 30 2007

Macs Moved

As described in Major Mac Movements, I did a lot of computer shuffling recently. On Sunday night I moved my gigabit Ethernet switch to our private home network, which was much easier than I expected. I labelled all my Ethernet cables (the longest part), then plugged in an 8-port 10/100 switch, moved all the cables from the 8-port 10/100/1000 switch to the new one, and moved most of the cables from the Linksys WRT54G's 4-port switch to the (now-empty) GE switch.

Now network transfers from the PowerBook to the www (PMG4) max out slightly over 100mbps, and will get substantially faster when I upgrade the PowerBook to a MacBook Pro, and also in the fall when I swap the PMG5 in to become www.reppep.com.

Everything is done except the TiVo swap, although I may have to send the MacBook Pro back to Apple from work because the brightness still flickers, and will see if the 23" CD continues to flicker in the Super-Tent.

Monday, April 23 2007

Power Mac G5 Is a Busy Little Beast

Friday night I got 2 750gb hard drives for the Power Mac G5 I brought home from work. I was very impressed by the elegance of its hard drive bays (which have since been replaced by carriers in the Mac Pro), and it's much faster than anything else in our house (until Amy gets her MacBook tomorrow -- that might be faster), so I'm doing a little iMovie work on it.

I've installed Leopard Server several times already, having some trouble with networking/naming, largely around the fact that the Power Mac has an internal hostname & IP, an external hostname & IP, and a DNS hostname for the external IP which didn't agree. Mac OS X Server is picky about hostnames & IPs, and ironically this weekend I found and fixed a similar problem on my PMG4, which dates back to when it became the production (www|mail).reppep.com (shortly after 10.4.0 [Server] was released); I noticed the old name kept showing up in odd places, and now I know why. changeip is your friend.

I just checked, and I have sent 24 messages to Apple since Friday night; probably 1/4 are updates for existing reports. Most of them are about very small points.

The new box will be a Leopard Server testbed until it's released, and then the production (www|mail).reppep.com, with much more disk capacity and general "oomph".

For the stuff I had planned a week ago, I've done most of it, but the TiVo isn't connected yet (it's sitting under a table waiting for me to take the time, but the APExpress is ready to go); Amy's MacBook arrives tomorrow, and I just sent my original MacBook Pro to Apple to get its backlight fixed and perhaps battery replaced; once it's back I am considering sending the new 23" CD in to have its backlight replaced, as it's got an annoying flicker in the lower right quadrant.

The rest is done; I can now post images to Julia's site at 100mbps from my PowerBook, rather than AirPort speeds, and I am considering moving the GE switch to the inside, since that would let the PowerBook run at full speed (and most bulk transfers are betweeen it and the server), and obviously the front side of the network is throttled by our 3mbps/768kbps DSL circuit. But it requires me to use different names for everything to get top speed and bring an old 100mbps switch back online, so I'm not hurrying to implement. I can see the GE is working, though -- I just moved a 1.35gb iMovie project from the PMG5 to the PMG4, and it peaked at 300mbps, averaging half that. After I invert the network I'll see if the PBG4 can do faster transfers than the PMG4.

I decided to hold onto the Dell PC, since nobody else wants it and it's a fine machine for XP or Linux; I'll just leave it in a corner until I come up with a worthwhile use for it.

It's very nice to have an iPod on the stereo again.

Wednesday, April 18 2007

4 Cores, Working

Last week, I was discussing the Mac Pro octos with Adam, and bemoaning how expensive they are (the top price you can configure is over $18k for a single machine). I was saying I could really use more than 4 cores, and Adam didn't seem to believe me.

Today, I ran Parallels Transporter on my Dell (via Remote Desktop Connection) to make a VM for running inside Parallels. I was impressed with how simple it was, although the VM didn't actually work.

I also installed Solaris 10/x86 in a VM, which was painless, although it insists on running at 1920x1600 (the 23" CD's native resolution), which is not what I want. I set the resolution within Parallels (I hate that you can't do that without shutting down the VM!), but that doesn't help. I'm sure I'll get it soon, but it's lame.

I was also burning the latest Leopard Server seed for testing (the first time I tried it never finished closing the session, but this one seems good), with the source image being served up via Samba.

So with an install and a DVD burn locally, and an RDC session, plus background tasks, I passed 50% on 3 cores. Note that I wasn't actually doing anything, except waiting for the installs to complete. Ideally, I'd just leave Solaris 10, WinXP, and RHEL5 all running idle or paused, but with 4 cores that would be foolish.

4 cores working

The old PMG5 had 2 1280x1024 displays (2.5mpixel); one died, and I replaced it with a 1600x1200 Samsung 20", but the video card couldn't handle it (design flaw), so I stuck with dual 1280x1024; one of those won't work with the Mac Pro (no ADC), and the other will go home, where it belongs. With the Mac Pro upgrade, I am moving up to 1920x1200 + 1600x1200 (5.5mpixel). Sweet!

- page 1 of 2